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Period for Reply 



A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) OR THIRTY (30) DAYS, 
WHICHEVER IS LONGER, FROM THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1.136(a). In no event, however, may a reply be timely filed 
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earned patent term adjustment. See 37 CFR 1.704(b). 
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2aO This action is FINAL. 2b)S This action is non-final. 

3) n Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 
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DETAILED ACTION 

This first non-final action is in response to the original filing of 02/16/2004. Claims 1-48 
are pending and have been considered as follows. 

Examiner's Note 

1 . The Applicant appears to be attempting to invoke 35 U.S.C, 112 6* paragraph in Claims 
38-48 by using "means-plus-function" language. However, the Examiner notes that the only 
"means" for performing these cited functions in the specification appears to be computer 
program modules. While the claims pass the first test of the three-prong test used to determine 
invocation of paragraph 6, since no other specific structural limitations are disclosed in the 
specification, the claims do not meet the other tests of the three-prong test. Therefore, 35 U.S.C. 
112 6* paragraph has not been invoked when considering these claims below. 

Claim Objections 

2. Claims 1 9 & 37 are objected to under 37 CFR 1 .75(c), as being of improper dependent 
form for failing to further limit the subject matter of their respective previous claims. 

- Claim 19 is a medium (i.e. computer-readable media) that refers back to Claim 1 . The 
Office considers any claim that refers to another claim as dependent thereon, i.e. a 
dependent claim. Since Claim 1 is a method claim comprising three steps and Claim 19 
fails to add, delete, or change any of these steps. Claim 19 fails to fijrther limit its parent 
claim. 
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- Claim 37 is a medium (i.e. computer-readable media) that refers back to Claim 20. The 
Office considers any claim that refers to another claim as dependent thereon, i.e. a 
dependent claim. Since Claim 20 is a system claim comprising two components and 
Claim 37 fails to add, delete, or change any of these components, Claim 37 fails to 
further limit its parent claim. 
The examiner notes that Claims 19 & 37 will be interpreted as "a machine readable medium 
having instructions" for the considerations below. Applicant is required to cancel the claim(s), 
or amend the claim(s) to place the claim(s) in proper dependent form, or rewrite the claim(s) in 
independent form. 

3. Claim 20 is objected to because of the following informalities: Line 2 of Claim 20 recites 
"obtaining" which should be "...obtain..." Appropriate correction is required. 

Specification 

4. The use of the trademarks "Kerberos" and "Windows Server" on page 9 lines 1 & 8 have 
been noted in this application. It should be capitalized wherever it appears and be accompanied 
by the generic terminology. 

Although the use of trademarks is permissible in patent applications, the proprietary 
nature of the marks should be respected and every effort made to prevent their use in any manner 
which might adversely affect their validity as trademarks. 
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The examiner notes that corrections to acknowledge these trademarks or any other 
trademarks found throughout the applicant's specification should be capitalized and 
accompanied by one of the commonly used symbols for each recitation of a trademark (e.g. 
KERBEROS'^^, WINDOWS SERVER^*^ 2003, etc). 

Claim Rejections - 35 USC § 112 

5. The following is a quotation of the second paragraph of 35 U.S.C. 1 12: 

The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the 
subject matter which the applicant regards as his invention. 

6. Claim 9 is rejected under 35 U.S.C. 1 12, second paragraph, as being indefinite for failing 
to particularly point out and distinctly claim the subject matter which applicant regards as the 
invention. 

- Claim 9 recites the limitation "the method" in line 2. There is insufficient antecedent 
basis for this limitation in the claim. 

Claim Rejections - 35 USC§ 102 

7. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the 
basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(b) the invention was patented or described in a printed publication in this or a foreign country or in public use or on 
sale in this country, more than one year prior to the date of application for patent in the United States. 

8. Claims 1,19, 20, 37, & 38 are rejected under 35 U.S.C. 102(b) as being anticipated by 
Chov (US-6141754-A). 
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Claims 1,20,&38: 

Chov discloses a method, a system, and a machine-readable medium having components 
comprising, 

- "receiving a message having an associated token" [Fig 5 illustrates the reception and 
transmission of a message]; 

- "the token is associated with a subject" (i.e. "rather is associated with a specific user") 
[column 5 lines 44-45]; 

- "obtaining a first claim from the token" (i.e. "The distributed content entity includes a 
protection specification 301 and an information entity") [column 5 lines 31-32]; 

- "the claim comprises a statement about the subject" (i.e. "a user privilege") [column 5 
line 42]; 

- "selectively mapping the first claim to a second claim" (i.e. "The information entity and 
protection specification can be associated with one another so that referential integrity is 
maintained") [column 6 lines 8-10]. 

Claims 19&37: 

Chov discloses a machine-readable medium having components comprising, 

- "a machine readable medium having instructions/the modules for performing the method 
of/recited in claim 1 /claim 20" (i.e. "The invention is further directed to a program 
product, embodied on a computer-readable medium") [column 4 lines 30-31]. 
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Claim Rejections - 35 USC§ 103 

9. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

10. Claims 2-5, 12-16, 21-23, 30-34, 39-40, & 43-47 are rejected under 35 U.S.C. 103(a) as 
being unpatentable over Chov (US-6141754-A). 

Claim 2: 

Chov discloses a method, as in Claim 1 above, but does not explicitly disclose, 

- "obtaining another claim from the token" 
however, Chov does disclose, 

- "The distributed content entity includes a protection specification 301 and an information 
entity" [column 5 lines 31-32]; 

Therefore, it would have been obvious for one of ordinary skill in the art at the time of the 
applicant's invention to include, "obtaining another claim from the token," in the invention as 
disclosed by Chov since it is implied that a method which includes a step for receiving a message 
would receive at least one message, thereby obviating that more than one (i.e. another) message 
and its embedded contents would be obtained. 
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Claims 3, 4, 21, 22, 39, 40, & 45: 

Chov discloses a method, a system, and a machine-readable medium having components, as in 
Claims 1, 20, & 38 above respectively, but does not explicitly disclose, 

- "rejecting the message as a function of the first claim" 

- "rejecting the message as a function of the second claim" 
however, Chov does disclose, 

- "the access checking unit 401 consults the user privilege unit 402. If the user has the 
appropriate privileges to access the collection the access checking unit determines 
whether the requested information entity exists in the collection (i.e., the protected 
information entity storage unit" [column 9 lines 57-62]; 

Therefore, it would have been obvious for one of ordinary skill in the art at the time of the 
applicant's invention to include, "rejecting the message as a function of the first claim" and 
"rejecting the message as a flinction of the second claim," in the invention as disclosed by Choy 
since the access checking unit is determining whether the requested information entity exists in 
the collection which is based on some criteria from the user (i.e. first claim, second claim, etc). 
Claims 5 & 23: 

Chov discloses a method and a system, as in Claims 1 & 20 above respectively, but does not 
explicitly disclose, 

- "forming a claim collection that includes the first and second claims" 
however, Chov does disclose. 
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- "Within a storage layer or repository which stores the information entity, the information 
entity preferably references its corresponding protection specification, thereby linking the 
information entity with the protection specification. Here, the referencing, or linking, is 
within a metadata database which contains metadata for the information entity" [column 
5 lines 66-67 & column 6 lines 1-4]; 

Therefore, it would have been obvious for one of ordinary skill in the art at the time of the 
applicant's invention to include, "forming a claim collection that includes the first and second 
claims," in the invention as disclosed by Chov since it is reasonable to expect that the storage of 
information entities (i.e. claims) is a repository (i.e. collection) of organized data. 
Claims 12, 30, & 43: 

Chov discloses a method, a system, and a machine-readable medium having components, as in 
Claims 1, 20, & 38 above respectively, but does not explicitly disclose, 

- "sending a return message to a sender of the message" 

- "the return message includes information regarding the second claim" 
however, Chov does disclose, 

- "a message is returned indicating the requested information entity is not present in the 
data collection" [column 1 1 lines 34-35]; 

Therefore, it would have been obvious for one of ordinary skill in the art at the time of the 
applicant's invention to include, "sending a return message to a sender of the message" and "the 
return message includes information regarding the second claim," in the invention as disclosed 
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by Chov since a return message would typically have additional information upon a failed 
condition for the purposes of providing information for the reason of failure (i.e. information 
regarding the second claim). 
Claims 13&31: 

Chov discloses a method and a system, as in Claims 12 & 30 above respectively, but does not 
explicitly disclose, 

- "the information regarding the second claim comprises the second claim" 
however, Chov does disclose, 

- "an information entity 302 in which the protection specification 301 is always "attached" 
to the information entity" [column 5 lines 33-35]; 

Therefore, it would have been obvious for one of ordinary skill in the art at the time of the 
applicant's invention to include, "the information regarding the second claim comprises the 
second claim," in the invention as disclosed by Chov since information which is "attached" to a 
first set of information generally would coincide or relate to itself (i.e. second claim comprises 
the second claim). That is, if the second claim did not comprise of at least itself at one point in 
time, then the second claim would not be the second claim. 
Claims 14-16, 32-34, 44, 46, & 47: 

Chov discloses a method, a system, and a machine-readable medium having components, as in 
Claims 1, 20, & 38 above respectively, but does not explicitly disclose, 

- "obtaining a third claim from the first claim" 

- "obtaining a third claim from the second claim" 

- "selectively rejecting the first claim" 
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however, Chov does disclose, 

- "The information entities and operations are particular to a specific information system, 
whereas the users can be generalized to include user accounts, roles and groups. 
Typically, the presence of an ACL represents an access authorization" [column 1 lines 
33-37]; 

Therefore, it would have been obvious for one of ordinary skill in the art at the time of the 
applicant's invention to include, "obtaining a third claim from the first claim" and "obtaining a 
third claim from the second claim" and "selectively rejecting the first claim," in the invention as 
disclosed by Chov since access control lists typically have many combinations of rules for each 
user, where the first rule and the second rule may be applied to the first user and where rules for 
users may be created from other rules as necessitated by their level of authorization (i.e. a third 
claim from the first claim). 

11. Claims 6, 8-11, 24, 26-29, 41, & 42 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Chov (US-6141754-A) in view of R. Fielding (RFC 1808). 
Claims 6, 8-1 1, 24, 26-29, 41, & 42: 

Chov discloses a method, a system, and a machine-readable medium having components, as in 
Claims 1, 20, & 38 above, but does not disclose, 

- "obtaining a resource identifier from the message" 

- "the resource identifier comprises a property of the message" 

- "obtaining a resource identifier from a computing system performing the method" 

- "the resource identifier comprises a property of the computing system's runtime 
environment" 
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- "a resource corresponding to the resource identifier is stored by the computing system" 
however, R, Fielding does disclose, 

- "A Uniform Resource Locator (URL) is a compact representation of the location and 
access method for a resource available via the Internet. When embedded within a base 
document, a URL in its absolute form may contain a great deal of information which is 
already known from the context of that base document's retrieval, including the scheme, 
network location, and parts of the url-path. In situations where the base URL is well- 
defined and known to the parser (human or machine), it is useful to be able to embed 
URL references which inherit that context rather than re-specifying it in every instance" 
[pagel]; ^ 

Therefore, it would have been obvious for one of ordinary skill in the art at the time of the 
applicant's invention to include, "obtaining a resource identifier from the message" and "the 
resource identifier comprises a property of the message" and "obtaining a resource identifier 
from a computing system performing the method" and "the resource identifier comprises a 
property of the computing system's runtime environment" and "a resource corresponding to the 
resource identifier is stored by the computing system," in the invention as disclosed by Chov for 
the purposes of providing embedded information for a resource available via the Internet. 
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12, Claims 7 & 25 are rejected under 35 U.S.C. 103(a) as being unpatentable over Chov (US- 
6141754-A) in view of R. Fielding (RFC 1808) and in further view of Clark et al. ("XML Path 
Language"). 

Claims 7 & 25: 

Chov and R. Fielding disclose a method and a system, as in Claims 6 & 24 above respectively, 
but do not disclose, 

- "obtaining the resource from the message comprises applying an XPath expression" 
however, Clark et aL do disclose, 

- "Xpath gets its name from its name from its use of a path notation as in URLs" [pages 3]; 
Therefore, it would have been obvious for one of ordinary skill in the art at the time of the 
applicant's invention to include, "obtaining the resource from the message comprises applying 
an XPath expression," in the invention as disclosed by Chov and R. Fielding for the purposes of 
"navigating through the hierarchical structure of an XML document" [R. Fielding page 3]. 

13. Claims 17, 18, 35, 36, & 48 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Chov (US-6141754-A) in view of Lynch (US-6487600-B1). 

Claims 17&35: 

Chov discloses a method and a system, as in Claims 6 & 24 above respectively, but does not 
disclose, 

- "the token is received out-of-band from the message" 
however, Lvnch does disclose. 
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- "To enhance security of these tokens, initial sets of tokens will be exchanged via a secure 
channel or via secure delivery. Alternatively, an initial set of tokens may be exchanged 
via multiple channels" [column 29 lines 36-39]; 

Therefore, it would have been obvious for one of ordinary skill in the art at the time of the 
applicant's invention to include, "the token is received out-of-band from the message," in the 
invention as disclosed by Chov for the purposes of there being a low probability existing that an 
attacker could listen to all, or most of the channels so as to intercept all token pieces and 
reconstruct the tokens. 
Claims 18, 36,&48: 

Chov discloses a method, a system, and a machine-readable medium having components, as in 
Claims 1 , 20, & 38 above respectively, but does not explicitly disclose, 

- "sending the message, the token and a second token to another entity" 

- "the second token includes information related to the second claim" 
however, Chov does disclose, 

- "Primary migration of tokens occurs when the token passes from one network member to 
another network member. Secondary migration occurs when the same token passes to a 
third, fourth, fifth, etc., network member" [column 29 lines 45-49]; 

Therefore, it would have been obvious for one of ordinary skill in the art at the time of the 
applicant's invention to include, "sending the message, the token and a second token to another 
entity" and "the second token includes information related to the second claim," in the invention 
as disclosed by Chov since "all of this information may be used when a network member 
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questions another network member for authentication purposes. Further, all of this information 
may be used by the network members in referring to particular tokens that are used for 
encryption/decryption purposes" [column 29 lines 55-59]. 



14. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Examiner Oscar Louie whose telephone number is 571-270-1684. 
The examiner can normally be reached Monday through Thursday from 7:30 AM to 4:00 PM. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner*s 
supervisor, Nasser Moazzami, can be reached at 571-272-4195. The fax phone number for 
Formal or Official faxes to Technology Center 2100 is 571-273-8300. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private 
PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you 
would like assistance from a USPTO Customer Service Representative or access to the 
automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 



Conclusion 



OAL 
09/06/2007 



Nasser Moazzami 
Supervisory Patent Examiner 




